[OFBIZ-9174] Update Groovy to 2.4.8 version [CVE-2016-6814] - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Not A Problem
Affects Version/s: Trunk
Fix Version/s: None
Component/s: framework
Labels:
- cve

Description

[CVE-2016-6814] Apache Groovy Information Disclosure

See https://www.mail-archive.com/announce@apache.org/msg03641.html

There is a security issue but OFBiz OOTB should not be concerned since it's an issue related with deserialisation and we don't use such in OFBiz OOTB. Better to update for users though, not sure if we should backport since we have nothing to fix...

Attachments

Activity

People

Assignee:: Jacques Le Roux

Reporter:: Jacques Le Roux

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Jan/17 06:57

Updated:: 03/Jan/19 17:18

Resolved:: 03/Jan/19 17:18